>Thanks for the tip Jez but I'd still like to know what the @@lsearch* all
>means.
It is all in the manual, you just need to know where to look! 8-)
Starting with the @@ bit, this causes exim to split the local_part
and the domain of an address. For, say, user@???, exim would
then do a lookup in the file with 'user' and 'example.com'. If your
file had the entry:
example.com *
it would match the domain in the 1st column and user in the right
column. The above entry would match all local_parts. This is
equivalent to removing the @@ and making a domain list.
However, if you did this:
example.com okuser
then the match would fail because it would only match on the name
'okuser@???'. So @@ let's you be selective about what
local_parts to match in the file. I use this for blacklisting certain
senders from certain hosts.
Now the * on the end of lsearch* means that if the domain name can't
be found, it will look for a domain name of '*' in the 1st column and
then try to match the local_part with the list in the 2nd column. I
use this to match typical local_parts that spam tends to use although
it's less effective now than it used to be.
So for instance the top of my sender_reject_bydomain file, which uses
@@lsearch*, looks like this:
* ^tobaccogift.+$:^smokesfrom.+$:^.+prankcall.+$:^adultoffer.+$:
thinkx.tv *
connectfree.co.uk attaboy
The first line would match: smokesfrom@???, smokesfrom2@???.
Hope that helps. I find the syntax in exim a bit cryptic sometimes
but this is a useful feature which makes domain blocking more
flexible.
Glenn
>
>Leigh
>
>-----Original Message-----
>From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On Behalf
>Of Jez Hancock
>Sent: 29 January 2004 12:59
>To: Leigh Dodd
>Cc: exim-users@???
>Subject: Re: [Exim] Lsearch Questions
>
>On Thu, Jan 29, 2004 at 11:49:54AM -0000, Leigh Dodd wrote:
>> I have a config file that has the following line
>>
>> sender_reject_recipients = @@lsearch*;/usr/local/exim/blacklist.txt
>>
>> and the blacklist.txt has (shortened :-) )
>>
>> pixi.com: nlcar
><snip>
>>
>> The Exim web pages says about * after lsearch as
>>
>> "If `*' is added to a single-key lookup type (for example, lsearch*) and
>the
>> initial lookup fails, the key `*' is looked up in the file to provide a
>> default value"
>>
>> Now the questions
>>
>> 1). Am I right in assuming that the blacklist files should have a
>> * <somedomain>: <something>
>> entry at the end/top for the lsearch* default to work.
>> (all the entries in the file are like the about, no * on it's own)
>>
>> 2). I can't find any info on the two @@ at the start of the lsearch,
>> What do they do ?
>
>One way you could block mail from a number of domains is to define a
>domainlist called 'blacklist_domains' at the top of the exim configure
>file:
>
>domainlist blacklist_domains = /usr/local/exim/blacklist.txt
>
>and then reject mail from those domains near the top of your RCPT ACL:
>
>deny sender_domains = blacklist_domains
>
>I'm not sure how you can block mail from just a selection of addresses
>on a given domain which is perhaps what you were after if you're using
>lsearch.
>
>HTH
>--
>Jez Hancock
> - System Administrator / PHP Developer
>
>http://munk.nu/
>http://jez.hancock-family.com/ - Another FreeBSD Diary
>http://ipfwstats.sf.net/ - ipfw peruser traffic logging
>
>--
>
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
>details at http://www.exim.org/ ##
